package com.chenyun.gateway.security;//package com.chenyun.gateway.security;
//
//import lombok.AllArgsConstructor;
//import org.springframework.boot.context.properties.EnableConfigurationProperties;
//import org.springframework.context.annotation.Bean;
//import org.springframework.context.annotation.Configuration;
//import org.springframework.http.HttpMethod;
//import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity;
//import org.springframework.security.config.web.server.ServerHttpSecurity;
//import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationConverter;
//import org.springframework.security.oauth2.server.resource.authentication.JwtGrantedAuthoritiesConverter;
//import org.springframework.security.oauth2.server.resource.authentication.ReactiveJwtAuthenticationConverterAdapter;
//import org.springframework.security.web.server.SecurityWebFilterChain;
//
//
//import java.util.Arrays;
//
///**
// * 配置资源服务
// * @author: Lonni
// * @date: 2022/6/4 0004 21:59
// */
//@Configuration
//@AllArgsConstructor
//@EnableWebFluxSecurity
//@EnableConfigurationProperties(value =SecurityConfigProperties.class )
//public class ResourceServerConfig {
//
//    /** security 配置 */
//    private final SecurityConfigProperties securityConfigProperties;
//    private final CustomServerAccessDeniedHandler customServerAccessDeniedHandler;
//    private  final CustomServerAuthenticationEntryPoint customServerAuthenticationEntryPoint;
//    private final AuthorizationManager authorizationManager;
//
//    public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http){
//        http.oauth2ResourceServer().jwt()
//                .jwtAuthenticationConverter(jwtAuthenticationConverter());
//        // 自定义处理JWT请求头过期或签名错误的结果
//        http.oauth2ResourceServer().authenticationEntryPoint(customServerAuthenticationEntryPoint);
//        http.authorizeExchange()
//                .pathMatchers(HttpMethod.OPTIONS).permitAll()
//                //忽略白名单
//                .pathMatchers(securityConfigProperties.getIgnoreUrls().toArray(new String[]{}))
//                 .permitAll()
//                .anyExchange().access(authorizationManager)
//                .and()
//                .exceptionHandling()
//                .accessDeniedHandler(customServerAccessDeniedHandler) // 处理未授权
//                .authenticationEntryPoint(customServerAuthenticationEntryPoint) //处理未认证
//                // 将一个字符串token转换成一个认证对象
//                .and().csrf().disable();
//
//        return http.build();
//
//    }
//
//    @Bean
//    public ReactiveJwtAuthenticationConverterAdapter jwtAuthenticationConverter() {
//        JwtGrantedAuthoritiesConverter jwtGrantedAuthoritiesConverter = new JwtGrantedAuthoritiesConverter();
//        jwtGrantedAuthoritiesConverter.setAuthorityPrefix("");
//        jwtGrantedAuthoritiesConverter.setAuthoritiesClaimName("authorities");
//        JwtAuthenticationConverter jwtAuthenticationConverter = new JwtAuthenticationConverter();
//        jwtAuthenticationConverter.setJwtGrantedAuthoritiesConverter(jwtGrantedAuthoritiesConverter);
//        return new ReactiveJwtAuthenticationConverterAdapter(jwtAuthenticationConverter);
//    }
//
//
//}
